Yesterday evening, European time, a group of hackers broke into the xoops.org server and corrupted most if not all files.

This included our most recent backups so quite a bit has been lost. Fortunately the database was not affected, so the content is for the most part still there.

We have worked very hard in the past 26-30 hours to get xoops.org up and running, but it will take a while yet, since we are also taking the opportunity to make some adjustments.

We have not a confirmed point of entry, but the hackers did claim to use the xml-rpc interface - however we doubt that very much.
Instead we have identified suspicious behaviour that could be an exploit of a vulnerability in the Apache version, we were using on the webserver and we have upgraded the Apache version to counter this.

We are still working on it and we also want to make sure that the hole is indeed closed, so it will take a little while before the xoops.org websites are re-opened.